CrowdStrike Falcon® Spotlight
The world’s leading AI-native platform for vulnerability management

Proactively close gaps with one agent for endpoint security and vulnerability management.

Now part of Falcon Exposure Management
A Leader in Risk-Based Vulnerability Management Platforms

CrowdStrike named a Leader in the IDC MarketScape: Worldwide Risk-Based Vulnerability Management Platforms 2023 Vendor Assessment.

Traditional vulnerability management tools create more problems than they solve

Burdensome scanning infrastructure

Legacy scanning tools force organizations to waste endless cycles configuring and managing scans, maintaining credentials, and negotiating scanning windows.

Vulnerability data that’s
stale on arrival

It takes days or weeks to complete a scan of the environment, resulting in data that is chronically out of date and unreliable.

Siloed tooling and
slow response

VM teams are often unable to meaningfully contribute to incident response when slow scans and lack of context add hours to
response time.

Why choose Falcon Spotlight?

Modern VM with no infrastructure to manage, no scanning impact to hosts, and no waiting weeks or months for stale results.

Zero scanning overhead to manage

The cloud-native CrowdStrike Falcon® platform and unified agent collects data once and reuses it many times, requiring no additional agents or hardware. Say goodbye to managing scanners and credentials, and negotiating scan windows.

Scanless and fast assessment

CrowdStrike Falcon® Spotlight utilizes scanless vulnerability assessment technology, delivering always-on, automated vulnerability management that prioritizes risks in real time.

Break down silos within security teams

Falcon Spotlight natively integrates industry-leading threat intelligence, letting security and VM teams deeply understand common vulnerabilities and exposures (CVEs) alongside threat actor profiles and techniques to collaborate and respond faster.

Falcon Spotlight by the numbers


More efficient prioritization with Falcon Spotlight’s ExPRT.AI prioritization model

<8 hours

Time to visibility when a new CVE detection rule is added


Amount of scanning infrastructure overhead to maintain

See Falcon Spotlight
in action

Watch video demo

See Falcon Spotlight
in action

Watch video demo

Falcon Spotlight key capabilities

Single agent

Scan-free and no new agents

  • Continuous vulnerability assessment using CrowdStrike’s single, lightweight Falcon agent
  • Cloud-native architecture with no performance impact on the endpoint
  • Real-time instant visibility on emerging vulnerabilities

AI-powered predictive prioritization

  • Automatically prioritize risks with an advanced AI model trained on CrowdStrike’s industry-leading threat intelligence and vulnerability expertise
  • Real-time, threat-based telemetry narrows down vulnerability prioritization beyond CVSS severity
  • Confidently prioritize risk for more impact with less work

Rich context informed by world-class intel

  • Know the adversaries targeting each vulnerability
  • Connect the dots from vulnerabilities to attacker tactics and their exploit techniques
  • See gaps and collaborate with SecOps teams to proactively block attacks

Power of the unified platform

  • Integration with CrowdStrike’s Asset Graph provides indispensable asset visibility to understand potential attack paths with asset connectivity and criticality
  • Easy- to- use workflow tool (Falcon Fusion) facilitates ticketing, patching, and remediation
  • Falcon Spotlight provides vulnerability context to other modules across the Falcon platform for a holistic, inter-connected view